How to use ntpdate behind a proxy?
This seems like a clear case for tlsdate.
tlsdate: secure parasitic rdate replacement
tlsdate sets the local clock by securely connecting with TLS to remote
servers and extracting the remote time out of the secure handshake. Unlike
ntpdate, tlsdate uses TCP, for instance connecting to a remote HTTPS or TLS
enabled service, and provides some protection against adversaries that try
to feed you malicious time information.
I do not think I have ever seen so many recommendations to use unsanitized data from the internet as an argument to a sudo invocation.
GitHub: https://github.com/ioerror/tlsdate
Expanding on the answer by carveone:
sudo date -s "$(wget -S "http://www.google.com/" 2>&1 | grep -E '^[[:space:]]*[dD]ate:' | sed 's/^[[:space:]]*[dD]ate:[[:space:]]*//' | head -n 1 | awk '{print $1, $3, $2, $5, "GMT", $4}' | sed 's/,//')"
One Liner
Assuming environment variable http_proxy is already set:
sudo date -s "$(curl -H'Cache-Control:no-cache' -sI google.com | grep '^Date:' | cut -d' ' -f3-6)Z"
We can verify the retrieved date/time first:
# local date/time
date -d "$(curl -HCache-Control:no-cache -sI google.com | grep '^Date:' | cut -d' ' -f3-6)Z"
# or UTC date/time
date -ud "$(curl -HCache-Control:no-cache -sI google.com | grep '^Date:' | cut -d' ' -f3-6)"
Notes
Just in case, certain options might be needed for curl:
- curl -x $proxy to explicitly set the proxy server to use, when the http_proxy environment variable is not set, default to protocol http and port 1080 (manual).
- curl -H 'Cache-Control: no-cache' to explicitly disable caching, especially when used in a cron job and/or behind a proxy server.
Alternate form tested with RHEL 6 that uses the '-u' option to date instead of appending the "Z" to the output:
sudo date -u --set="$(curl -H 'Cache-Control: no-cache' -sD - http://google.com |grep '^Date:' |cut -d' ' -f3-6)"
BTW, google.com is preferred over www.google.com, because the former results in a 301 redirect response, which is much smaller (569 vs 20k+ characters) but still good to use.
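A stricter form of the Date-header approach used in the answers above, added here as an example and not taken from any of the posts: the header value is checked against the exact IMF-fixdate shape (RFC 7231) and a sanity floor before it can reach the privileged date call. The function names and the MIN_YEAR floor are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from any answer on this page.
MIN_YEAR=2024   # assumption: deployment floor; earlier dates are rejected

# Read raw HTTP response headers on stdin; print the first Date value only if
# it is a well-formed IMF-fixdate (RFC 7231) at or after MIN_YEAR, else fail.
extract_http_date() {
    value=$(tr -d '\r' | grep -i '^date:' | head -n 1 |
            sed 's/^[^:]*:[[:space:]]*//; s/[[:space:]]*$//')
    # Whitelist the exact shape, e.g. "Tue, 15 Nov 1994 08:12:31 GMT".
    # Anything else (quotes, $(), option-like text, extra fields) is refused.
    printf '%s\n' "$value" | grep -Eqx \
'(Mon|Tue|Wed|Thu|Fri|Sat|Sun), (0[1-9]|[12][0-9]|3[01]) (Jan|Feb|Mar|Apr|May|Jun|Jul|Aug|Sep|Oct|Nov|Dec) [0-9]{4} ([01][0-9]|2[0-3]):[0-5][0-9]:[0-5][0-9] GMT' \
        || return 1
    year=$(printf '%s\n' "$value" | cut -d' ' -f4)
    [ "$year" -ge "$MIN_YEAR" ] || return 1
    printf '%s\n' "$value"
}

# Fetch headers and set the clock only when validation passes.
# "$1" is the URL; curl honours http_proxy / https_proxy from the environment.
set_clock_from_http() {
    stamp=$(curl -sI -H 'Cache-Control: no-cache' "$1" | extract_http_date) || {
        echo "refusing to set clock: no valid Date header from $1" >&2
        return 1
    }
    sudo date -u -s "$stamp"
}
```

Calling set_clock_from_http with an https:// URL also makes curl verify the server certificate, which the plain-HTTP one-liners do not get.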
The NTP service uses the UDP protocol to sync the time, so an HTTP/TCP proxy may not work for it. As an alternative to the accepted answer, there is a good htpdate tool to sync time behind a proxy.
A cron job example:
# Run once a day at 03:00 (a "*" in the minute field would run every minute of that hour)
0 3 * * * /usr/bin/htpdate -s -P <PROXY_HOST>:<PROXY_PORT> www.linux.org www.freebsd.org
If it is purely an HTTP proxy, it is using port 80, so the basic answer is no to that specifically. NTP uses UDP port 123. If it is a more generic proxy server, serving all ports, then maybe.
There are some programs out there that do NTP over HTTP. I do not use Linux, but this one might do it:
http://www.rkeene.org/oss/htp/ (still not sure if this will do authentication either).
I could not find one for Windows, but I will post back if I do.